Microsoft Hyper-V Code Execution Vulnerability (CNVD-2026-17151)

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from logical errors in several functions. These vulnerabilities could allow for the execution of arbitrary code and the escalation of local...

CVE-2026-26699

CVE-2026-26699 affects sourcecodester Personnel Property Equipment System v1.0. Multiple sources report an arbitrary code execution vulnerability in ip/ppes/admin/admin_change_picture.php. The Red Hat/CIRCL/NVD entries confirm the vulnerable component, but do not provide detailed root-cause speci...

RHEL 8 : openssl (RHSA-2026:3364)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3364 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

Debian dla-4495 : thunderbird - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4495 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4495-1 [email protected]...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : rlottie vulnerabilities (USN-8058-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8058-1 advisory. It was discovered that rlottie did not properly handle certain inputs. An attacker could use this issue to cause a denial...

RHEL 8 : openssl (RHSA-2026:3437)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3437 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

[SECURITY] [DSA 6152-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6152-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2026 https://www.debian.org/security/faq -...

CVE-2026-2680

Reflected Cross-Site Scripting XSS on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es//incomes/salesDeliveryNotes' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser...

Exploit for CVE-2025-70341

CVE-2025-70341: Insecure Permissions + Arbitrary Code Executio...

CVE-2026-25191

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privileg...

EUVD-2026-9007

IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege...

CVE-2026-27776

CVE-2026-27776 affects the IM-LogicDesigner module of the intra-mart Accel Platform. The issue is an insecure deserialization flaw that can be exploited when IM-LogicDesigner is deployed on the system. Arbitrary code execution is possible if a crafted file is imported by a user with administrativ...

CVE-2026-27776

IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege...

CVE-2026-27776

IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege...

IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization

Overview IM-LogicDesigner module of intra-mart Accel Platform provided by NTT DATA INTRAMART Corporation contains the following vulnerability. Untrusted data deserialization CWE-502 - CVE-2026-27776 This can be exploited only when IM-LogicDesigner is deployed Masataka Sagami reported this...

CVE-2026-27653

The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges...

CVE-2026-27653

The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges...

CVE-2026-27653

CVE-2026-27653 concerns installers for multiple Soliton Systems K.K. products that contain incorrect default permissions, enabling arbitrary code execution with SYSTEM privileges. The issue is documented in NVD/CVE references as affecting Soliton installers; root cause is permission misconfigurat...

CVE-2025-50857

ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload...